Open
Cached
·
just now
25
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; script-src; style-src; +10 more
default-src *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.microsoft.com js.monitor.azure.com dc.services.visualstudio.com try-ppe.dot.net aznb-ame-prod.azureedge.net client-api.arkoselabs.com markdowneditor-public-e0gpfpcwcbbze3ag.b01.azurefd.net markdowneditor-PubDev-czdhe4dpdyaee6fj.b01.azurefd.net markdowneditor-external-Public-fmgmfefddycxdmfj.b01.azurefd.net MarkdownEditor-external-PubDev-dfgagughg7fub7h5.b01.azurefd.net h64.online-metrix.net;style-src 'self' 'unsafe-inline' *.microsoft.com aznb-ame-prod.azureedge.net try-ppe.dot.net MarkdownEditor-external-PubDev-dfgagughg7fub7h5.b01.azurefd.net markdowneditor-PubDev-czdhe4dpdyaee6fj.b01.azurefd.net markdowneditor-public-e0gpfpcwcbbze3ag.b01.azurefd.net markdowneditor-external-Public-fmgmfefddycxdmfj.b01.azurefd.net;img-src * data: blob:;frame-ancestors docs.microsoft.com *.docs.microsoft.com learn.microsoft.com *.learn.microsoft.com labclient.labondemand.com portal.azure.com *.portal.azure.com portal.azure.us portal.azure.cn ai.azure.com *.ai.azure.com learn-video.azurefd.net docs.azure.cn *.onecloud.azure-test.net *.sharepoint.com localhost:3000;worker-src 'self' blob: *.microsoft.com aznb-ame-prod.azureedge.net;form-action 'self' *.microsoft.com *.azure.cn *.pearsonvue.com;media-src 'self' blob: *.microsoft.com *.azure.cn videoencodingpublic-hgeaeyeba8gycee3.b01.azurefd.net videoencodingpubdevwus.blob.core.windows.net videoencodingpublicwus.blob.core.windows.net;base-uri 'self';font-src 'self' https: data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
1 headers
Connection
Performance
close
Caching Headers
4 headers
Cache-Control
Caching
public, max-age=600
Etag
Caching
"PqJCAUQEScUuqCU05dfbQ+R9Lnc="
Expires
Caching
Sun, 11 Jan 2026 23:08:42 GMT
Last-Modified
Caching
Mon, 15 Sep 2025 17:35:00 GMT
Content Headers
2 headers
Content-Length
Content
52250
Content-Type
Content
text/html
Server Headers
0 headers
No server headers found
CORS Headers
0 headers
No CORS headers found
Cookies Headers
0 headers
No cookies headers found
Other Headers
10 headers
Akamai-Cache-Status
Other
RefreshHit from child, RefreshHit from parent
Date
Other
Sun, 11 Jan 2026 22:58:42 GMT
Nel
Other
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
Origin-Agent-Cluster
Other
?1
Report-To
Other
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
X-Azure-Ref
Other
20260109T100554Z-16b669c9d88h8fplhC1BL1sp9n0000001fsg0000000026c5
X-Buildversion
Other
0.4.03295.7391-4fdf14cb
X-Dns-Prefetch-Control
Other
off
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
Recommendations
Enable compression (gzip/brotli) to improve performance